Metadata in zope / binary data on FS,
was Re: [ZODB-Dev] __del__ with Persistent objects
Paul Winkler
pw_lists at slinkp.com
Fri Jul 18 20:07:25 EDT 2003
On Fri, Jul 18, 2003 at 01:47:13PM -0400, Jeremy Hylton wrote:
> Chris and Shane had some ideas about how to improve ZServer for large
> files IIRC. I believe the problem is that one of Zope's threads get
> used for the large file for the entire time the client is downloading.
> That makes Zope slow for everything else.
Worse, it makes for a pretty easy DOS attack. :-(
I wrote a 10-line proof of concept script which opens the
same file several times simultaneously; I made my zope
completely unresponsive by spawning only 6 requests for a single
8 MB file. Only for a minute or two, of course; once a few of these
requests had finished, everything seemed fine.
I think what's happening is that the database connections are
getting monopolized. Once the data is loaded by Zope the script
runs very quickly and doesn't seem to hurt anything.
So it's not much of a DOS attack after all. But still problematic.
--
Paul Winkler
http://www.slinkp.com
More information about the ZODB-Dev
mailing list